-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----[ Microsoft ISA Server Fragmented Udp Flood Vulnerability ]---- - ----[ Type A system resource is exhausted. - ----[ Summary A fragmented Udp attack through the microsoft isa server makes the system hampered by using the cpu at 100%. Meanwhile server uses processor power too much and therefore packet process ratio decreases. - ----[ Log You may reach the session log through http://www.tamersahin.net/downloads/isa.txt - ----[ Exploit opentear.c by RootShell http://www.tamersahin.net/downloads/opentear.c - ----[ Tested Windows 2000 Server + Service Pack 2 Microsoft ISA Server Enterprise Edition Full + All Fixes - ----[ Vendor Status Microsoft has been contacted. - ----[ Disclaimer Tamer Sahin is not responsible for the misuse or illegal use of any of the information and/or the software listed on this security advisory. - ----[ Greetz bLaCkWinD, RhinoCO, nigma, CronoS, inf0, omniheurist, HuzursuZ, LuNiZ, dEtAy, Derwish, Strange Deja Vu, Nosferatu, dummy, WebEffect and you! Tamer Sahin http://www.tamersahin.net PGP Key ID: 0x63DE5F63 Fingerprint: 63D9 FBE7 7369 A9A9 1119 C80C 31D3 D363 63DE 5F63 -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO+LBDDHT02Nj3l9jEQLqZwCg4AU8Vlymy7NY1QELhGCQJtzaXk0An1Yd HDDJ8gi5v4Bq4TEczZY/dZPe =glWR -----END PGP SIGNATURE-----
